package com.sky.aspect;

import com.sky.annotation.PreAuthorize;
import com.sky.context.BaseContext;
import com.sky.exception.BaseException;
import com.sky.service.EmployeeService;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import java.util.List;

@Component
//@Aspect
public class PermissionAspect {
    @Autowired
    private EmployeeService employeeService;
    @Autowired
    private HttpServletRequest request;


    @Before("@annotation(com.sky.annotation.PreAuthorize)")
    public void permissionControl(JoinPoint joinPoint) {
        //获取注解的值
        MethodSignature ms = (MethodSignature) joinPoint.getSignature();
        PreAuthorize anno = ms.getMethod().getAnnotation(PreAuthorize.class);
        String permission = anno.value();
        //获取当前用户所有权限
        List<String> permissions = employeeService.getPermissionsById(BaseContext.getCurrentId());
        if(!permissions.contains(permission)){
            throw new BaseException("用户无["+permission+"]权限");
        }


    }
}
